From 4c30cf0e71738271994adacecb541069fc78b5c6 Mon Sep 17 00:00:00 2001 From: Victor Dubiniuk Date: Thu, 26 Sep 2013 21:01:41 +0300 Subject: [PATCH] Guest can finally edit --- ajax/documentController.php | 11 +++- ajax/otpoll.php | 20 +++--- ajax/sessionController.php | 8 ++- lib/file.php | 127 +++++++++++++++++++++++------------- lib/member.php | 3 +- 5 files changed, 109 insertions(+), 60 deletions(-) diff --git a/ajax/documentController.php b/ajax/documentController.php index 19528333..e5622e03 100644 --- a/ajax/documentController.php +++ b/ajax/documentController.php @@ -17,6 +17,7 @@ class DocumentController extends Controller{ public static function create($args){ $uid = self::preDispatch(); + $view = new \OC\Files\View('/' . $uid . '/files'); $path = Helper::getNewFileName($view, '/New Document.odt'); @@ -32,9 +33,15 @@ class DocumentController extends Controller{ * @param array $args - array containing session id as anelement with a key es_id */ public static function serve($args){ - self::preDispatch(false); - $session = Session::getSession(@$args['es_id']); + + $file = new File(@$session['file_id']); + if (!$file->isPublicShare()){ + self::preDispatch(false); + } else { + self::preDispatchGuest(false); + } + $filename = isset($session['genesis_url']) ? $session['genesis_url'] : ''; $documentsView = new View('/' . $session['owner']); $download = new Download($documentsView->initDocumentsView(), $filename); diff --git a/ajax/otpoll.php b/ajax/otpoll.php index a437fee9..ff6d6215 100644 --- a/ajax/otpoll.php +++ b/ajax/otpoll.php @@ -37,17 +37,20 @@ namespace OCA\Documents; - -//TODO: check if the session is related to a public share - //\OCP\JSON::checkLoggedIn(); - - - \OCP\JSON::checkAppEnabled('documents'); - // session_write_close(); - $response = array(); + try{ $request = new Request(); + $esId = $request->getParam('args/es_id'); + + $session = Session::getSession($esId); + $file = new File(@$session['file_id']); + if (!$file->isPublicShare()){ + Controller::preDispatch(false); + } else { + Controller::preDispatchGuest(false); + } + $command = $request->getParam('command'); switch ($command){ case 'query_memberdata_list': @@ -84,7 +87,6 @@ try{ case 'sync_ops': $seqHead = (string) $request->getParam('args/seq_head'); if (!is_null($seqHead)){ - $esId = $request->getParam('args/es_id'); $memberId = $request->getParam('args/member_id'); $ops = $request->getParam('args/client_ops'); $hasOps = is_array($ops) && count($ops)>0; diff --git a/ajax/sessionController.php b/ajax/sessionController.php index 165a37c9..60cb29c4 100644 --- a/ajax/sessionController.php +++ b/ajax/sessionController.php @@ -44,7 +44,6 @@ class SessionController extends Controller{ * Store the document content to its origin */ public static function save(){ - $uid = self::preDispatch(); try { $sessionID = @$_SERVER['HTTP_WEBODF_SESSION_ID']; if (!$sessionID){ @@ -65,6 +64,13 @@ class SessionController extends Controller{ } $file = new File($session['file_id']); + if (!$file->isPublicShare()){ + self::preDispatch(); + } else { + self::preDispatchGuest(); + } + + list($view, $path) = $file->getOwnerViewAndPath(); $isWritable = ($view->file_exists($path) && $view->isUpdatable($path)) || $view->isCreatable($path); diff --git a/lib/file.php b/lib/file.php index e5fdf59b..e40d6b6c 100644 --- a/lib/file.php +++ b/lib/file.php @@ -27,6 +27,7 @@ class File { protected $fileId; protected $owner; protected $path; + protected $sharing; public function __construct($fileId){ if (!$fileId){ @@ -34,6 +35,10 @@ class File { } $this->fileId = $fileId; + + //if you know how to get sharing info by fileId via API, + //please send me a link to video tutorial :/ + $this->sharing = $this->getSharingOps(); } public static function getByShareToken($token){ @@ -47,8 +52,6 @@ class File { } $file = new File($rootLinkItem['file_source']); - $file->setOwner($rootLinkItem['uid_owner']); - $file->setPath('/files' . $rootLinkItem['file_target']); return $file; } @@ -64,6 +67,18 @@ class File { public function setPath($path){ $this->path = $path; } + + public function isPublicShare(){ + foreach ($this->sharing as $share){ + if ( + $share['share_type'] == \OCP\Share::SHARE_TYPE_LINK + || $share['share_type'] == \OCP\Share::SHARE_TYPE_EMAIL + ){ + return true; + } + } + return false; + } /** * @@ -71,69 +86,87 @@ class File { * @throws \Exception */ public function getOwnerViewAndPath(){ - if (!$this->owner || !$this->path){ - $fileInfo = \OC\Files\Cache\Cache::getById($this->fileId); - - //is it shared - $sharedInfo = $this->getSharedBySource(); - - if (is_array($sharedInfo)){ - $owner = $sharedInfo['uid_owner']; - $path = $sharedInfo['path']; + if (!$this->owner || !$this->path){ + $info = $this->getSharedFileOwnerAndPath(); + if (is_array($info) && count($info)){ + $owner = $info[0]; + $path = $info[1]; } else { - // owner is myself - $owner = \OCP\User::getUser(); - $path = @$fileInfo[1]; + list($owner, $path) = $this->getLocalFileOwnerAndPath(); } if (!$path){ throw new \Exception($this->fileId . ' can not be resolved'); } - - $view = new View('/' . $owner); + $this->path = $path; $this->owner = $owner; - } else { - $view = new View('/' . $this->owner); - $path = $this->path; } - if (!$view->file_exists($path)){ - throw new \Exception($path . ' doesn\'t exist'); + $view = new View('/' . $this->owner); + if (!$view->file_exists($this->path)){ + throw new \Exception($this->path . ' doesn\'t exist'); } - return array($view, $path); + return array($view, $this->path); } - + public function getOwner(){ if (!$this->owner){ + $this->getOwnerViewAndPath(); + } + return $this->owner; + } + + protected function getSharedFileOwnerAndPath(){ + $result = array(); + foreach ($this->sharing as $share){ + return array( + $share['uid_owner'], + $share['path'] + ); + } + + return $result; + } + + + protected function getLocalFileOwnerAndPath(){ + $fileInfo = \OC\Files\Cache\Cache::getById($this->fileId); + $owner = \OCP\User::getUser(); + if (!$owner){ + throw new Exception('Guest users can\'t access local files. This one was probably unshared recently.'); + } - $fileInfo = \OC\Files\Cache\Cache::getById($this->fileId); + return array ($owner, @$fileInfo[1]); + } - //is it shared - $sharedInfo = $this->getSharedBySource(); - if (!is_array($sharedInfo)){ - $sharedInfo = $this->getSharedByLink(); - } + protected function getSharingOps(){ - if (is_array($sharedInfo)){ - $this->owner = $sharedInfo['uid_owner']; - } else { - // owner is myself - $this->owner = \OCP\User::getUser(); + $where = 'AND `file_source`=?'; + $values = array($this->fileId); + + if (\OCP\User::isLoggedIn()){ + $where .= ' AND ((`share_type`=' . \OCP\Share::SHARE_TYPE_USER . ' AND `share_with`=?) OR `share_type`=' . \OCP\Share::SHARE_TYPE_LINK . ')'; + $values[] = \OCP\User::getUser(); + } else { + $where .= ' AND (`share_type`=' . \OCP\Share::SHARE_TYPE_LINK . ')'; + } + + $query = \OC_DB::prepare('SELECT `*PREFIX*share`.`id`, `item_type`, `*PREFIX*share`.`parent`, `uid_owner`, ' + .'`share_type`, `share_with`, `file_source`, `path`, `file_target`, ' + .'`permissions`, `expiration`, `storage`, `*PREFIX*filecache`.`parent` as `file_parent`, ' + .'`name`, `mtime`, `mimetype`, `mimepart`, `size`, `encrypted`, `etag`' + .'FROM `*PREFIX*share` INNER JOIN `*PREFIX*filecache` ON `file_source` = `*PREFIX*filecache`.`fileid` WHERE `item_type` = `file` ' . $where); + $result = $query->execute($values); + $shares = $result->fetchAll(); + + $origins = array(); + if (is_array($shares)){ + foreach ($shares as $share){ + $origins[] = \OCP\Share::resolveReShare($share); } } - return $this->owner; - } - - protected function getSharedBySource(){ - return \OCP\Share::getItemSharedWithBySource( - 'file', - $this->fileId, - \OCP\Share::FORMAT_NONE, - null, - true - ); + return $origins; } - -} \ No newline at end of file +} diff --git a/lib/member.php b/lib/member.php index 7a8c7c62..8970f1b8 100644 --- a/lib/member.php +++ b/lib/member.php @@ -55,9 +55,10 @@ class Member extends Db{ } public static function updateMemberActivity($memberId){ - $query = \OCP\DB::prepare('UPDATE ' . self::DB_TABLE . ' SET `last_activity`=? WHERE `member_id`=?'); + $query = \OCP\DB::prepare('UPDATE ' . self::DB_TABLE . ' SET `last_activity`=?, `status`=? WHERE `member_id`=?'); $query->execute(array( time(), + self::MEMBER_STATUS_ACTIVE, $memberId )); }